LastPass (Windows Store Trusted Apps) Authenticator Issue

Help with the Windows installer (lastpass.exe)

Moderators: admin, anatoly_LP, chantieLP, JoeSiegrist, robyn

LastPass (Windows Store Trusted Apps) Authenticator Issue

Postby Nolenthar » Mon Sep 26, 2016 4:01 pm

I recently configured Last Pass Authenticator, whereas I used to run Google Authenticator. The reason for the move was simple. Last Pass Authenticator supports Push authentication, which makes it way faster to authorize apps than opening Google Auth, copy the code, etc.

However, after testing it along with The Windows Store Apps, I got quite the surprise.

The Last Pass App behaves this way :

- Launch App
- Ask for Password
- If correct, opens the app for a brief moment (you can see the vault already). If Google Authenticator is on, your vault turns white, and a pop up asks for the code. It's not awesome and you can still click on the items, but they have no effect.
- However, if running the Last Pass Authenticator, you already get access to the vault before the notification is pushed. Refusing it has absolutely no effect, and the user is not logged off / kicked off the app.

Fortunately, this doesn't seem to happen with the chrome extension. And I presume this may not work if the vault is not already stored locally, but gosh, that's quite a big security hole for a service which is basically tasked with storing ALL the most sensitive information an user can get !

I was pondering to go Premium, I guess that makes me very cold now.
Posts: 1
Joined: Mon Sep 26, 2016 3:52 pm

Re: LastPass (Windows Store Trusted Apps) Authenticator Issu

Postby dmitrijLP » Wed Sep 28, 2016 10:13 pm

Do you have offline mode disabled?
Posts: 1332
Joined: Mon Jun 23, 2014 8:46 am

Return to Windows Installer Questions

Who is online

Users browsing this forum: Bing [Bot] and 1 guest